package com.ltu.config;

import java.io.File;

import org.apache.catalina.Context;
import org.apache.catalina.connector.Connector;
import org.apache.tomcat.util.descriptor.web.SecurityCollection;
import org.apache.tomcat.util.descriptor.web.SecurityConstraint;
import org.springframework.boot.web.embedded.tomcat.TomcatServletWebServerFactory;
import org.springframework.boot.web.server.ConfigurableWebServerFactory;
import org.springframework.boot.web.server.Ssl;
import org.springframework.boot.web.server.WebServerFactoryCustomizer;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Profile;


//
//@Profile("dev")
//@Configuration
public class LocalSSLConfig {
	
	
//	/**
//     * 编程方式实现springboot的http
//     *
//     * @return
//     */
//    @Bean
//    public TomcatServletWebServerFactory servletContainer() {
//        TomcatServletWebServerFactory tomcat = new TomcatServletWebServerFactory() {
//            @Override
//            protected void postProcessContext(Context context) {
//                //安全约束
//                SecurityConstraint securityConstraint = new SecurityConstraint();
//                securityConstraint.setUserConstraint("CONFIDENTIAL");
//                SecurityCollection collection = new SecurityCollection();
//                collection.addPattern("/*");
//                securityConstraint.addCollection(collection);
//                context.addConstraint(securityConstraint);
//            }
//        };
//        tomcat.addAdditionalTomcatConnectors(createHttpConnector());
//        return tomcat;
//    }
//    
//    /**
//     * 创建http连接器
//     *
//     * @return
//     */
//    private Connector createHttpConnector() {
//        Connector connector = new Connector("org.apache.coyote.http11.Http11NioProtocol");
//        connector.setScheme("http");
//        // http端口
//        connector.setPort(8933);
//        connector.setSecure(false);
//        // https端口
////        connector.setRedirectPort(8443);
//        return connector;
//    }

	
	/**
     * java方式实现springboot的https
     * @return
     */
    @Bean
    public WebServerFactoryCustomizer<ConfigurableWebServerFactory> containerCustomizer() {
        return new WebServerFactoryCustomizer<ConfigurableWebServerFactory>() {
            @Override
            public void customize(ConfigurableWebServerFactory container) {
                Ssl ssl = new Ssl();
                //服务器私钥和证书
                String userDir = System.getProperties().getProperty("user.dir").concat(File.separator).concat("cert");
        		String path = userDir.concat(File.separator).concat("ct.szcxmx.cn.pfx");
                ssl.setKeyStore(path);
                ssl.setKeyStorePassword("oO1Gu2Bj");
                ssl.setKeyStoreType("PKCS12"); //通过配置文件读进来 @Value("${}")
                container.setSsl(ssl);
                container.setPort(8933);
                
            }
        };
    }

	
}
